Back to sudo PTS page

Accepted sudo 1.8.19p1-2.1+deb9u3 (source) into oldstable

To: dispatch@tracker.debian.org, debian-lts-changes@lists.debian.org
Subject: Accepted sudo 1.8.19p1-2.1+deb9u3 (source) into oldstable
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Tue, 26 Jan 2021 18:10:13 +0000
Mail-followup-to: debian-lts@lists.debian.org
Message-id: <E1l4Sn7-0001K6-Uc@seger.debian.org>
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 23 Jan 2021 10:10:33 +0100
Source: sudo
Architecture: source
Version: 1.8.19p1-2.1+deb9u3
Distribution: stretch-security
Urgency: high
Maintainer: Bdale Garbee <bdale@gag.com>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Changes:
 sudo (1.8.19p1-2.1+deb9u3) stretch-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Heap-based buffer overflow (CVE-2021-3156)
     - Reset valid_flags to MODE_NONINTERACTIVE for sudoedit
     - Add sudoedit flag checks in plugin that are consistent with front-end
     - Fix potential buffer overflow when unescaping backslashes in user_args
     - Fix the memset offset when converting a v1 timestamp to TS_LOCKEXCL
     - Don't assume that argv is allocated as a single flat buffer
Checksums-Sha1:
 de5795ac90fbc07c80e670cd44c4882e744cff6b 2190 sudo_1.8.19p1-2.1+deb9u3.dsc
 080a3c615a7b35ac8579bf5f8123e4aa07f4802c 32284 sudo_1.8.19p1-2.1+deb9u3.debian.tar.xz
 2ee2a0288ba1ee3e4c727eb480766f32c8659f64 5624 sudo_1.8.19p1-2.1+deb9u3_source.buildinfo
Checksums-Sha256:
 81e70db0805f097cb8a4c184d2aaa5de7389b93711d9761aa6e01f40ea6c99c9 2190 sudo_1.8.19p1-2.1+deb9u3.dsc
 8b0b705dfbd723a91d4eb43b5d90ed36a92d28129bb26a6147e9b1459cb37f67 32284 sudo_1.8.19p1-2.1+deb9u3.debian.tar.xz
 22f41fbd8566dfcad3e72d99c5dcef937c138545b66188b7d03eed5648c8a6b6 5624 sudo_1.8.19p1-2.1+deb9u3_source.buildinfo
Files:
 32d4560e4ce20feb0dbe93fe382bdc54 2190 admin optional sudo_1.8.19p1-2.1+deb9u3.dsc
 a1920ac75ca91b7f363450b5687c3702 32284 admin optional sudo_1.8.19p1-2.1+deb9u3.debian.tar.xz
 c18e24485867fad3692037d0f013c07c 5624 admin optional sudo_1.8.19p1-2.1+deb9u3_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmAQSiNfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89Ey/YP/1EvIJAIZG9E2lggwOkeUdlkzoqM1oAY
WahfpKAbEg2jbsXgrK6cZfh3mP6nqxTbdqi0roPJ9xYMZrHmuneCe63JucohPmiq
2l32tcsRjU75PMo5XWUATlTR9bA5Pc/vWSyGhIudOyV1YkUJHO4qG3NzFX1Q4j7C
TZSV8UE2dvTPIdeeurW26dhiB6vExZTXLPFRF6bxNADsuNuME/c73xEDatJjJnUx
t6KX1ANvbwns932l1b6GzwemZhhVkN14nkUy67JRzKyiS+dYjDAivqPzepeD+KDV
JPEuHW0Y+k+isqpsclaT2lJywgHOyXumj0hFT23YCgZqiCuhjO69gvj3JzgjJLZ9
CvevNBJUw48DROLJIT+9yRRJUibTMLbRfJtJXuuKnHlx+w8Sw4rHL8QLmBUkDMRw
RPbZue9ybzYO5PdlScikke3E96PYyXfI11LhSw8shxelmmsJis3kdga5Ih26nrVn
BIsJTLKJQDFffVQvymPjuMc9A5twGdTn5+LW4BVe9wU7Xjn6QmJEMm41SVEmup+W
tF7KhkP/yXHqCDuqWa8iOVrY/7fh/eySvkTK+FZSkHPUCUJDHyhRTii0xJwpr/Yg
Ubj8r2IZT7OfUIcGzjt4zgmpdhTrkB5FeeI+T+R/tb9V5nRRi/ESz8fc+1qedFz5
nakP3mEaav/W
=yZ4B
-----END PGP SIGNATURE-----